Cloudflare

Description

What this plugin can do for you

One-click WordPress-optimized settings

The easiest way to setup Cloudflare for your WordPress site.

Web application firewall (WAF) rulesets

Available on all of Cloudflare’s paid plans, the WAF has built-in rulesets, including rules that mitigate WordPress specific threats and vulnerabilities. These security rules are always kept up-to-date, once the WAF is enabled, you can rest easy knowing your site is protected from even the latest threats.

Automatic cache purge

Occurs when you change the appearance of your website. This means that you can focus on your website, while we ensure that the latest content is always available to your visitors.
(Note: By default, Cloudflare does not cache HTML, and a cache purge is not required on updating HTML content such as publishing a new blog entry).

Additional features

Header rewrite to prevent a redirect loop when Cloudflare’s Universal SSL is enabled

Change Cloudflare settings from within the plugin itself without needing to navigate to the cloudflare.com dashboard. You can change settings for cache purge, security level, Always Online, and image optimization

View analytics such as total visitors, bandwidth saved, and threats blocked

From WordPress.org

Once Activated

Login with your cloudflare account. (If you don’t have a Cloudflare account first sign up for Cloudflare)

Press your account name on top right corner and select “My Settings”

Scroll down to “API Key” → “Global API Key” → View API Key

Copy the API key

Return back to WordPress Cloudflare Plugin page

Enter your email address and paste your API key

Press Login.

Do I need a Cloudflare account to use the plugin?

Yes, on install and activation the plugin, first time users will be asked to enter their email address (used to sign-up for an account at cloudflare.com) and their user API key. This is needed to support all the features offered by the plugin.

What settings are applied when I click “Apply Default Settings” in Cloudflare’s WordPress plugin?

CSRF Token not found. It's possible another plugin is altering requests sent by the Cloudflare plugin.
In short, the plugin is useless as whenever i try to chenge something i get the error above. Will anyone help with it or not? I've saw tens of the sames issue online for over a year but not even one ever being solved?!

Nothing seem to work on Cloudflare.
If you go with the free Universal SSL Certificate your site will crash directly once you change the nameservers. (To wait 24h to activate the universal ssl is just a joke!)
If you purchase their dedicated SSL certificate (it cost $5 / month) your site will crash again, issuing a 403 Fobidden error.
Customer support on their website is not responsive after submiting a ticket, even if you paid for a dedicated SSL.
I would recommend everyone to avoid this plugin